package com.wbs.realm;

import com.wbs.model.TbUser;
import com.wbs.service.LoginService;
import com.wbs.utils.JwtUtil;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

/**
 * @Author: 芝梦
 * @Description: 用于运营商或商家的登陆权限验证
 * @DateTime: 2024/1/26 14:35
 */
public class UserRealm extends AuthorizingRealm {
    @Autowired
    private LoginService loginService;

    @Autowired
    private JwtUtil jwtUtil;

    //用于授权的权限认证
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

        return null;
    }

    //用于登录的身份认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //1. 强转token
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        //2. 校验用户名
        TbUser tbUser = loginService.selectUserByUsername(token.getUsername());
        if (tbUser == null){
            return null;
        }
        //3. 校验密码
        SimpleAuthenticationInfo sim = new SimpleAuthenticationInfo(tbUser, tbUser.getPassword(),ByteSource.Util.bytes(tbUser.getSalt()),"userRealm");
        return sim;
    }
}
